When I set up my Amahi Home Server a few years ago, one of the things that I wanted to do was be able to send the logs and other emails that normally go to the root account to my gmail account. This way, I could quickly scan the information without having to actively log into the server. My options were to either register my own domain name and go through the steps to set up MX records and servers, or to relay it through another gmail account. I chose the second, since I already have the accounts, and registering and hosting the domain costs money (plus I’m already given a .yourhda.com domain with Amahi).

When I started to set up the relay, it took a while. I ended up finding quite a few sites on the Internet with different methods of configuring the relay (most of which didn’t work right). When I reinstalled my Amahi Server this past weekend (upgrading it to their latest version), I forgot to save the postfix configurations, so I had to redo them. Thankfully it was a simple matter this time. I’ve only done this on Fedora 14/19, but I’m pretty sure the steps will be similar, if not the same, for an Ubuntu based distribution. All of these steps are being done as the root (superuser) account. If you’re using your administrator account, you’ll have to precede each command with sudo.

Creating your Relay

If you haven’t done so already, you need to install postfix first.

yum install postfix

Next you need to open the /etc/postfix/main.cf file in your favorite editor (I use nano, but you can use whatever you prefer).

Forwarding the root emails to your relay

Now this is all pointless unless you make sure that all emails destined for the root mailbox get forwarded to your external account. You could do this a number of ways (such as configuring each application that might send an email to your root to send them to the external account also), but the two easiest ways are to create a .forward file, or create an alias.

Creating a .forward file:

nano /root/.forward

Add the email address that you want to forward the emails to and save the file.

youruser@emaildomain.com

Note that this will bypass the root mailbox altogether. If you want root to continue to receive the emails, you have to add root to the file with the following format

\root

youruser@emaildomain.com

Editing the aliases file and adding the root alias

nano /etc/aliases

Then add the following entry (replacing youruser@emaildomain.com with your external email address)

root: youruser@emaildomain.com

Finally run the newaliases command to make sure you’re using the updated version of /etc/aliases.

newaliases

With that, you should be set up. Now anytime an application sends a message to root, you’ll receive it on your external email account as well. Please note that you’ll still need to log in and clean out the root mail account occasionally, as the messages are still being sent there.

Troubleshooting and Updates for Fedora 19

If you run into any issues with postfix, you need to check /var/log/maillog for problems. The easiest way to do this is with cat /var/log/maillog | tail and then attempt to resend your email that you used to test the configuration.

If you run into any issues, such as gmail rejecting your email with something similar to “530 5.7.0 Must issue a STARTTLS command first.” (and you have the smtp_use_starttls=yes command in your main.cf) file, you need to do the following things:

In main.cf, add the following line

smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

then create a tls_policy file in /etc/postfix that has the following line

[smtp.gmail.com]:587 encrypt

Then run postmap /etc/postfix/tls_policy to create the hash of the file.

If you run into a warning or error similar to “warning: TLS library problem: 25188:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen(‘/etc/ssl/certs/ca-certificates.crt’,’r’):”, you need to change that line in main.cf to ca-bundle.crt. This is because Fedora 19 doesn’t have the ca-certificates.crt file anymore. It uses ca-bundle.crt instead. Something to note here is that after you fix the certificate issue, the email will send. So if you’re testing your configuration, you’ll end up with multiple test emails.